Lucene search

K
redhatcveRedhat.comRH:CVE-2024-30172
HistoryJun 19, 2024 - 3:20 a.m.

CVE-2024-30172

2024-06-1903:20:44
redhat.com
access.redhat.com
21
bouncy castle
java cryptography
ed25519
verification code
infinite loop
crafted signature
public key

AI Score

6.1

Confidence

High

A flaw was found in the Bouncy Castle Java Cryptography APIs. Affected versions of this package are vulnerable to an Infinite loop issue in ED25519 verification in the ScalarUtil class. This flaw allows an attacker to send a malicious signature and public key to trigger a denial of service.